Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 12 of 12
  1. #1
    Senior Coder
    Join Date
    Aug 2005
    Posts
    1,119
    Thanks
    2
    Thanked 1 Time in 1 Post

    Checking for submitted form

    I'm trying to figure out what the best method is to check if a form has been submitted. The techniques I'm aware of are the following:

    1) Submit to a separate page, that page always assumes a form submission
    2) Store a hidden input and check for that hidden input at process time
    3) Using ($_SERVER['REQUEST_METHOD'] == "POST")

    They all have their pros and cons, but I'm interested in how people feel about the different solutions. I've used #2 for years, but have recently started migrating over to #3. What bothers me about #3 is that the page can only run on one form easily (obviously you could just add a couple if statements), where as with #2, you could give each form it's own unique hidden input, and there would be no problems.

  • #2
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    Why dont you name the input fields for there job such as for a login have an input name for the username as "login_user" and the use a php if statement to check for it like this:
    PHP Code:
    if(isset($_POST['login_user']) &&  $_POST['login_user']!=""){
    // Your code here

    That way you can call different post calls at different time and not when you use $_SERVER['request_method']=="POST".

    You may want to use some php validation methods aswell such as is_numeric if you want all numbers and no text.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #3
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    I have always used #1. Just use extract($_POST) and then echo out the form.
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #4
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    Quote Originally Posted by masterofollies View Post
    I have always used #1. Just use extract($_POST) and then echo out the form.
    You may not use one file for all posted data but like i said you cant submit a post without php codes that define the job being processed such as $_POST['hello'] and $_POST['bye'] are both a post object so if you say if(isset($_POST)) or if($_SERVER['request_method']=="POST") they could mean anything so both hello and bye functions would be called. Thats why i said define a name for the job at hand so your post querys can be used easerly, such as login_user for the input username where the user logs in, and then use if(isset($_POST) && $_POST['login_user']!="").
    Last edited by DJCMBear; 03-28-2010 at 09:50 PM.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #5
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    I was simply saying what I use in my scripts.
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #6
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    i would suggest using #3 for submitting a form but use the way i said otherwise you would need alot of if/if else statements.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #7
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    Quote Originally Posted by DJCMBear View Post
    i would suggest using #3 for submitting a form but use the way i said otherwise you would need alot of if/if else statements.
    There's absolutely no need to check the SERVER var. You're already doing the relevant check for POST with this code:

    Code:
    if (isset($_POST) && $_POST['login_user']!="")

    Edit: I'd personally change that to:

    Code:
    if (isset($_POST['login_user']) && !empty($_POST['login_user']))
    Last edited by MattF; 03-29-2010 at 01:09 AM.

  • #8
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    Quote Originally Posted by MattF View Post
    Code:
    if (isset($_POST['login_user']) && !empty($_POST['login_user']))
    Thats a good way to go because this way you can have more than one form with the method post and you can call certain codes when you need it unlike your first post when you said about $_SERVER['REQUEST_METHOD']=="POST" which would call anything between that if statement, so you are now headding into the right direction with the php post code.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #9
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    Quote Originally Posted by DJCMBear View Post
    unlike your first post[...snipped]so you are now heading into the right direction with the php post code.
    Wrong person. I'm not the O.P.

  • #10
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    lol sorry wasnt paying attention to posters name haha

    and from your post you say theres no need to check for server var which is why i said not to use $_SERVER['REQUEST_METHOD']
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P

  • #11
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    Quote Originally Posted by DJCMBear View Post
    lol sorry wasnt paying attention to posters name haha
    No worries.

    and from your post you say theres no need to check for server var which is why i said not to use $_SERVER['REQUEST_METHOD']
    Aye, it is fairly moot checking it. If one of the known POST vars for the particular form is set, it's a fairly safe assumption that the form has indeed been posted.

  • #12
    Senior Coder DJCMBear's Avatar
    Join Date
    Mar 2010
    Location
    United Kindom
    Posts
    1,173
    Thanks
    14
    Thanked 136 Times in 136 Posts
    I normaly check for one of the required fields aswell as the form thats being checked so that it will only call the codes needed if all prams are met.
    Official BinPress hand picked coder.
    For anyone worried about SQL injection go have a look at my small yet powerful script here.
    Go Pledge for Light Table, if it hit's $300,000 Python and other languages will get added.
    I am 1 of 65,608 people to get a Pebble Watch :P


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •